* Update permission name from 'Can view Admin interface' to 'Can access admin interface'
based on the current 2025.12 release
Signed-off-by: Kofl <thomas@kofler.tk>
* Fix other references to old permission name
---------
Signed-off-by: Kofl <thomas@kofler.tk>
Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
* move imports
* core: add digraph group hierarchy
* move to permissions from Group or User to Role
* set group parents on frontend
* do not serialize `GroupParentageNode` directly
* core: enforce unique group name on database level
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* use group parents in LDAP provider
* add user-role relationship control to frontend
* move materialized view to be more discoverable
* add guardian to mypy exceptions
* make `Role` a `ManagedModel`
* fixup! make `Role` a `ManagedModel`
* simplify `get_objects_for_user`
* fix flaky unit test
* rename `django-guardian` fork to `ak-guardian`
* add tests around users/groups/roles
* remove unused guardian config variable
* simplify guardian file structure
* clean up frontend
* initial docs
* remove `mode` from `InitialPermissions`
This is no longer needed, since users no longer directly have permissions.
* fixup! Merge branch 'main' into core/add-digraph-group-hierarchy
* clean up docs for managing permissions
* addendums from docs review
* fixup! Merge branch 'main' into core/add-digraph-group-hierarchy
* tweaks
* dewi and tana edits to docs
* tweak
* truly final tweaks, for now
* relabel Role Permissions table
* clarify button label
* fixup! Merge branch 'main' into core/add-digraph-group-hierarchy
* fixup! Merge branch 'main' into core/add-digraph-group-hierarchy
* merge migrations
* fixup! Merge branch 'main' into core/add-digraph-group-hierarchy
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Tana M Berry <tana@goauthentik.io>
* website/docs: initial permissions: fix usage of term admin
Should be lowercase and use full word as it refers to an administrator. See pending PR for style guide
Signed-off-by: Dominic R <dominic@sdko.org>
* fix2
Signed-off-by: Dominic R <dominic@sdko.org>
---------
Signed-off-by: Dominic R <dominic@sdko.org>
* basic procedural steps
* more questions, more typos
* more typos
* tweaks
* more content, new links
* fixed link
* tweak
* fix things
* more fixes
* yet more fixes
* Apply suggestions from code review
Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>
* Update website/docs/users-sources/access-control/initial_permissions.mdx
Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>
* dewi's edits
* dominic's edits
* gergo edits and more dominic edits
* one more
* yet one more fix
* final gergo observation
* tweak
---------
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>
Co-authored-by: Tana M Berry <tana@goauthentik.io>
Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
